William Hart

Affiliation: Sandia National Laboratories

LinkedIn

GitHub

Sustainable strategies for managing supply chain security in research software

BSSw Fellow William Hart is exploring how to effectively integrate security practices within open source computational science projects to enhance the security of these projects and their artifacts without disrupting the collaborative interactions that are needed to support open source development with contributors from multiple institutions. Organizations are increasingly challenged to address supply chain security issues in open source software. There are ongoing discussions regarding potential government-wide policies, but it remains unclear how different policies will impact collaborative multi-institutional interactions. This fellowship will support the application of supply chain security practices utilized by the Linux community to Department of Energy (DOE) computational science projects. Through this fellowship, these practices and tools will be evaluated in the context of DOE computational science software projects and assessed relative to emerging DOE needs for supply chain security to identify suitable practices for software security that result in meaningful improvements of supply chain security without disrupting the collaborative process that is essential for open research.

William Hart is a Research Scientist at Sandia National Laboratories. His research focuses on computational operations research, and he has led projects and programs at Sandia on national security challenges, including cybersecurity, critical infrastructure protection, engineering design, and sensor data analysis. A key element of this research is the development of scientific software, and William has been a key developer of many open source software projects, including Dakota, gcovr, PyUtilib, Pyomo, PAO and Coek. These projects range from simple Python scripts to large C++ applications with complex build systems. Additionally, the technology readiness levels of these projects range from demonstrations suitable for basic research to mature capabilities suitable for end-user deployment.